CVE-2020-26978

Reference Links

• https://bugzilla.mozilla.org/show_bug.cgi?id=1677047
• https://www.mozilla.org/en-US/security/advisories/mfsa2020-54/
• https://www.mozilla.org/en-US/security/advisories/mfsa2020-55/
• https://www.mozilla.org/en-US/security/advisories/mfsa2020-56/
• https://www.mozilla.org/security/advisories/mfsa2020-54/
• https://www.mozilla.org/security/advisories/mfsa2020-55/
• https://www.mozilla.org/security/advisories/mfsa2020-56/

Parent vulnerabilities

(Appears in the following advisories)

• MFSA2020-56
• MFSA2020-54
• MFSA2020-55

Peer vulnerabilities

(Found alongside the following vulnerabilities)

• CVE-2020-16042
• CVE-2020-26971
• CVE-2020-26973
• CVE-2020-26974
• CVE-2020-26978
• CVE-2020-35111
• CVE-2020-35112
• CVE-2020-35113
• CVE-2020-26972
• CVE-2020-26975
• CVE-2020-26976
• CVE-2020-26977
• CVE-2020-26979
• CVE-2020-35114

Frequently Asked Questions

• What is the severity of CVE-2020-26978?

  CVE-2020-26978 is classified as a high severity vulnerability that could lead to information disclosure.

• How do I fix CVE-2020-26978?

  To mitigate CVE-2020-26978, users should upgrade to Firefox version 84 or later, or to the latest versions of Firefox ESR or Thunderbird.

• What types of software are affected by CVE-2020-26978?

  CVE-2020-26978 affects Mozilla Firefox versions before 84, Firefox ESR versions before 78.6, and Thunderbird versions before 78.6.

• Can CVE-2020-26978 be exploited remotely?

  Yes, CVE-2020-26978 can be exploited via a malicious webpage that users visit.

• What kind of data could be exposed due to CVE-2020-26978?

  CVE-2020-26978 could expose internal network hosts and services running on the user's local machine.